Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
Zipped JS Files Malspam;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/4857.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Malware With Zip'ed Javascript Attachments
https://isc.sans.edu/forums/diary/A+trip+through+the+spam+filters+more+malspam+with+zip+attachments+containing+js+files/20697/
Netgear NMS300 Arbitrary Codes Execution Vulnerability
https://www.kb.cert.org/vuls/id/777024
Apple Home Button "Error 53"
http://www.theguardian.com/money/2016/feb/05/error-53-apple-iphone-software-update-handset-worthless-third-party-repair
Symantec Certificate Authority Whois E-Mail Parsing Problem
https://www.agwa.name/blog/post/domain_validation_vulnerability_in_symantec_ca
T9000 Backdoor Records Skype Conversations
http://researchcenter.paloaltonetworks.com/2016/02/t9000-advanced-modular-backdoor-uses-complex-anti-analysis-techniques/
https://isc.sans.edu/forums/diary/A+trip+through+the+spam+filters+more+malspam+with+zip+attachments+containing+js+files/20697/
Netgear NMS300 Arbitrary Codes Execution Vulnerability
https://www.kb.cert.org/vuls/id/777024
Apple Home Button "Error 53"
http://www.theguardian.com/money/2016/feb/05/error-53-apple-iphone-software-update-handset-worthless-third-party-repair
Symantec Certificate Authority Whois E-Mail Parsing Problem
https://www.agwa.name/blog/post/domain_validation_vulnerability_in_symantec_ca
T9000 Backdoor Records Skype Conversations
http://researchcenter.paloaltonetworks.com/2016/02/t9000-advanced-modular-backdoor-uses-complex-anti-analysis-techniques/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |